William Lieurance created TAMAYA-410:
----------------------------------------
Summary: Update camel-core dependency past CVE-2019-0188
Key: TAMAYA-410
URL: https://issues.apache.org/jira/browse/TAMAYA-410
Project: Tamaya
Issue Type: Improvement
Reporter: William Lieurance
Assignee: William Lieurance
h5. CVE-2019-0188
high severity
*Vulnerable versions:* < 2.24.0
*Patched version:* 2.24.0
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE)
vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library.
This affects only the camel-xmljson component, which was removed.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
